author | robiscool <robrob2626@yahoo.com> | 2009-10-06 15:13:43 -0700 |
---|---|---|
committer | robiscool <robrob2626@yahoo.com> | 2009-10-06 15:13:43 -0700 |
commit | a39d18d35f155660bcba150985a330285d6df6cf (patch) | |
tree | 2bd40b4b5e3b2ea1cf95fc8cf67553755f3eb874 /config | |
parent | 9fa04cd2b2e77a32bee61d5ebb64295ff05b7e8c (diff) | |
snort snort-dev, do not clear snort2c table on filter reloads, add icmp packets
Diffstat (limited to 'config')
-rw-r--r-- | config/snort-dev/snort.inc | 5 | ||||
-rw-r--r-- | config/snort-dev/snort.xml | 4 | ||||
-rw-r--r-- | config/snort-dev/snort_dynamic_ip_reload.php | 6 | ||||
-rwxr-xr-x | config/snort/snort.inc | 5 | ||||
-rw-r--r-- | config/snort/snort.xml | 4 | ||||
-rw-r--r-- | config/snort/snort_dynamic_ip_reload.php | 6 |
6 files changed, 14 insertions, 16 deletions
diff --git a/config/snort-dev/snort.inc b/config/snort-dev/snort.inc index 7320db00..575192b9 100644 --- a/config/snort-dev/snort.inc +++ b/config/snort-dev/snort.inc @@ -1184,15 +1184,14 @@ preprocessor frag3_engine: policy first preprocessor frag3_engine: policy bsd detect_anomalies preprocessor stream5_global: max_tcp 8192, track_tcp yes, \ -track_udp yes -# track_icmp yes +track_udp yes, track_icmp yes preprocessor stream5_tcp: bind_to any, policy windows preprocessor stream5_tcp: bind_to any, policy linux preprocessor stream5_tcp: bind_to any, policy vista preprocessor stream5_tcp: bind_to any, policy macos preprocessor stream5_tcp: policy BSD, ports both all, use_static_footprint_sizes preprocessor stream5_udp -# preprocessor stream5_icmp +preprocessor stream5_icmp ########################## # diff --git a/config/snort-dev/snort.xml b/config/snort-dev/snort.xml index a6f2ffa1..fc32ceb9 100644 --- a/config/snort-dev/snort.xml +++ b/config/snort-dev/snort.xml @@ -46,8 +46,8 @@ <requirements>Describe your package requirements here</requirements> <faq>Currently there are no FAQ items provided.</faq> <name>Snort</name> - <version>2.8.4.1_3</version> - <title>Services: Snort 2.8.4.1_3 pkg v. 1.7 alpha</title> + <version>2.8.4.1_5</version> + <title>Services: Snort 2.8.4.1_5 pkg v. 1.7 alpha</title> <include_file>/usr/local/pkg/snort.inc</include_file> <menu> <name>Snort</name> diff --git a/config/snort-dev/snort_dynamic_ip_reload.php b/config/snort-dev/snort_dynamic_ip_reload.php index 7933ba16..0fad085b 100644 --- a/config/snort-dev/snort_dynamic_ip_reload.php +++ b/config/snort-dev/snort_dynamic_ip_reload.php @@ -3,7 +3,7 @@ /* $Id$ */ /* snort_dynamic_ip_reload.php - Copyright (C) 2006 Scott Ullrich + Copyright (C) 2006 Scott Ullrich and Robert Zeleya All rights reserved. Redistribution and use in source and binary forms, with or without 
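Review bot: In config/snort-dev/snort.inc, `track_icmp yes` and `preprocessor stream5_icmp` are switched on with no explicit bound on ICMP session state: the `stream5_global` line sets `max_tcp 8192` but leaves ICMP at its built-in default, and `stream5_icmp` is given no `timeout`. On a firewall that an ICMP flood can reach I would cap it explicitly, e.g. `track_udp yes, track_icmp yes, max_icmp <N>` with N sized for the appliance's memory, and add a comment in the template saying why ICMP tracking is wanted. As far as I recall, the Stream5 README for Snort 2.8 described ICMP tracking as minimal and not production-ready, so this is worth confirming against the shipped version before it also goes into the release package. The same change is made in config/snort/snort.inc; the block that emits this configuration starts and ends outside the hunk.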
@@ -29,6 +29,7 @@ */ /* NOTE: this file gets included from the pfSense filter.inc plugin process */ +/* NOTE: file location /usr/local/pkg/pf, all files in pf dir get exec on filter reloads */ require_once("/usr/local/pkg/snort.inc"); require_once("service-utils.inc"); @@ -38,12 +39,11 @@ require_once("config.inc"); if($config['interfaces']['wan']['ipaddr'] == "pppoe" or $config['interfaces']['wan']['ipaddr'] == "dhcp") { create_snort_conf(); - mwexec("/sbin/pfctl -t snort2c -T flush"); exec("killall -HUP snort"); /* define snortbarnyardlog_chk */ $snortbarnyardlog_info_chk = $config['installedpackages']['snortadvanced']['config'][0]['snortbarnyardlog']; if ($snortbarnyardlog_info_chk == on) - exec("/usr/bin/killall barnyard2; /usr/local/bin/barnyard2 -c /usr/local/etc/barnyard2.conf -d /var/log/snort -f snort.u2 -w /usr/local/etc/snort/barnyard2.waldo -D -q\n"); + exec("killall -HUP barnyard2"); } ?>
\ No newline at end of file diff --git a/config/snort/snort.inc b/config/snort/snort.inc index 7320db00..575192b9 100755 --- a/config/snort/snort.inc +++ b/config/snort/snort.inc @@ -1184,15 +1184,14 @@ preprocessor frag3_engine: policy first preprocessor frag3_engine: policy bsd detect_anomalies preprocessor stream5_global: max_tcp 8192, track_tcp yes, \ -track_udp yes -# track_icmp yes +track_udp yes, track_icmp yes preprocessor stream5_tcp: bind_to any, policy windows preprocessor stream5_tcp: bind_to any, policy linux preprocessor stream5_tcp: bind_to any, policy vista preprocessor stream5_tcp: bind_to any, policy macos preprocessor stream5_tcp: policy BSD, ports both all, use_static_footprint_sizes preprocessor stream5_udp -# preprocessor stream5_icmp +preprocessor stream5_icmp ########################## # diff --git a/config/snort/snort.xml b/config/snort/snort.xml index 83ac38f0..763f65eb 100644 --- a/config/snort/snort.xml +++ b/config/snort/snort.xml @@ -46,8 +46,8 @@ <requirements>Describe your package requirements here</requirements> <faq>Currently there are no FAQ items provided.</faq> <name>Snort</name> - <version>2.8.4.1_3</version> - <title>Services: Snort 2.8.4.1_3 pkg v. 1.6</title> + <version>2.8.4.1_5</version> + <title>Services: Snort 2.8.4.1_5 pkg v. 1.6</title> <include_file>/usr/local/pkg/snort.inc</include_file> <menu> <name>Snort</name> diff --git a/config/snort/snort_dynamic_ip_reload.php b/config/snort/snort_dynamic_ip_reload.php index 7933ba16..0fad085b 100644 --- a/config/snort/snort_dynamic_ip_reload.php +++ b/config/snort/snort_dynamic_ip_reload.php @@ -3,7 +3,7 @@ /* $Id$ */ /* snort_dynamic_ip_reload.php - Copyright (C) 2006 Scott Ullrich + Copyright (C) 2006 Scott Ullrich and Robert Zeleya All rights reserved. Redistribution and use in source and binary forms, with or without 
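Review bot: In config/snort-dev/snort_dynamic_ip_reload.php the new `exec("killall -HUP barnyard2");` resolves `killall` through PATH and discards the result, where the line it replaces used `/usr/bin/killall`. This script is executed from the filter reload process, so an absolute path and a checked exit status are safer, e.g. `exec("/usr/bin/killall -HUP barnyard2", $out, $rc);` followed by a log entry when `$rc` is non-zero. The old line also started barnyard2, so after this change a barnyard2 that is not running stays down and alert spooling stops with no signal to the operator; it is also worth confirming that barnyard2 reloads on SIGHUP rather than exiting. The guard above it, `$snortbarnyardlog_info_chk == on`, compares against a bare constant and should use the string `"on"`. The identical hunk in config/snort/snort_dynamic_ip_reload.php needs the same treatment.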
@@ -29,6 +29,7 @@ */ /* NOTE: this file gets included from the pfSense filter.inc plugin process */ +/* NOTE: file location /usr/local/pkg/pf, all files in pf dir get exec on filter reloads */ require_once("/usr/local/pkg/snort.inc"); require_once("service-utils.inc"); @@ -38,12 +39,11 @@ require_once("config.inc"); if($config['interfaces']['wan']['ipaddr'] == "pppoe" or $config['interfaces']['wan']['ipaddr'] == "dhcp") { create_snort_conf(); - mwexec("/sbin/pfctl -t snort2c -T flush"); exec("killall -HUP snort"); /* define snortbarnyardlog_chk */ $snortbarnyardlog_info_chk = $config['installedpackages']['snortadvanced']['config'][0]['snortbarnyardlog']; if ($snortbarnyardlog_info_chk == on) - exec("/usr/bin/killall barnyard2; /usr/local/bin/barnyard2 -c /usr/local/etc/barnyard2.conf -d /var/log/snort -f snort.u2 -w /usr/local/etc/snort/barnyard2.waldo -D -q\n"); + exec("killall -HUP barnyard2"); } ?>
\ No newline at end of file |